コード例 #1
0
	def post_reauthenticated( self, params ):
		app_id = params.get( 'delete' )
		if app_id:
			EnkiModelRestAPIDataStore.delete_user_app_data( self.user_id , app_id )
			self.add_infomessage( MSG.SUCCESS(), MSG.APP_DATA_DELETED())
		data_list = EnkiModelApp.user_data_list( self.user_id )
		self.render_tmpl( 'appdatastores.html',
		                  active_menu = 'profile',
		                  data = data_list,
		                  apps_list = EnkiModelApp.user_apps_list( data_list ), )
コード例 #2
0
	def post( self ):
		jsonobject = json.loads( self.request.body )
		success = False
		error = 'Invalid request'
		answer = {}
		if jsonobject:
			code = jsonobject.get( 'code', '')
			displayname = jsonobject.get( 'displayname', '')
			app_id = jsonobject.get( 'app_id', '')
			app_secret = jsonobject.get( 'app_secret', '')
			if code and displayname and app_id and app_secret:
				if EnkiModelApp.exist_by_app_id_app_secret( app_id, app_secret ):   # check against registered apps
					user_id = EnkiModelDisplayName.get_user_id_from_display_name( displayname )
					if user_id:
						entity = EnkiModelRestAPIConnectToken.get_by_user_id_token_valid_age( user_id, code )
						if entity:
							auth_token = enki.libutil.generate_auth_token()
							entity.key.delete()     # single use token
							verification_token = EnkiModelRestAPITokenVerify( token = auth_token, user_id = user_id, app_id = app_id, app_secret = app_secret, type = 'apiconnect' )
							verification_token.put()    # persistent authentication token, a user may have several
							answer.update({ 'user_id' : str( user_id ), 'auth_token' : auth_token })
							success = True
							error = ''
						else:
							error = 'Unauthorised user'
				else:
					error = 'Unauthorised app'
		answer.update({ 'success' : success, 'error' : error })
		self.response.headers[ 'Content-Type' ] = 'application/json'
		self.response.write( json.dumps( answer, separators=(',',':') ))
コード例 #3
0
	def post( self ):
		jsonobject = json.loads( self.request.body )
		success = False
		error = 'Invalid request'
		answer = {}
		if jsonobject:
			user_id = int( jsonobject.get( 'user_id', ''))
			auth_token = jsonobject.get( 'auth_token', '')
			app_secret = jsonobject.get( 'app_secret', '')
			if user_id and auth_token and app_secret:
				if EnkiModelApp.check_secret( user_id, auth_token, app_secret ):
					if EnkiModelRestAPITokenVerify.exist_by_user_id_token( user_id, auth_token ):
						friends = EnkiModelFriends.get_friends_user_id_display_name( user_id )
						if friends:
							answer.update({ 'friends' : friends })
							success = True
							error = ''
						else:
							error = 'Not found'
					else:
						error = 'Unauthorised user'
				else:
					error = 'Unauthorised app'
		answer.update({ 'success' : success, 'error' : error })
		self.response.headers[ 'Content-Type' ] = 'application/json'
		self.response.write( json.dumps( answer, separators=(',',':') ))
コード例 #4
0
	def post( self ):
		jsonobject = json.loads( self.request.body )
		success = False
		error = 'Invalid request'
		answer = {}
		if jsonobject:
			user_id = int( jsonobject.get( 'user_id', ''))
			auth_token = jsonobject.get( 'auth_token', '')
			app_secret = jsonobject.get( 'app_secret', '')
			data_type = jsonobject.get( 'data_type', '')
			data_id = jsonobject.get( 'data_id', '')
			if user_id and auth_token and app_secret and data_type and data_id:
				if EnkiModelApp.check_secret( user_id, auth_token, app_secret ):
					token_valid = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token )
					if token_valid:   # user is valid
						data_stores = EnkiModelRestAPIDataStore.fetch_by_user_id_app_id_data_type_data_id( user_id, token_valid.app_id, data_type, data_id )
						ndb.delete_multi( data_stores )
						success = True
						error = ''
					else:
						error = 'Unauthorised user'
				else:
					error = 'Unauthorised app'
		answer.update({ 'success' : success, 'error' : error })
		self.response.headers[ 'Content-Type' ] = 'application/json'
		self.response.write( json.dumps( answer, separators=(',',':') ))
コード例 #5
0
	def post( self ):
		jsonobject = json.loads( self.request.body )
		success = False
		error = 'Invalid request'
		answer = {}
		if jsonobject:
			user_id = int( jsonobject.get( 'user_id', ''))
			auth_token = jsonobject.get( 'auth_token', '')
			app_secret = jsonobject.get( 'app_secret', '')
			data_type = jsonobject.get( 'data_type', '')
			data_id = jsonobject.get( 'data_id', '')
			if user_id and auth_token and app_secret and data_type and data_id:
				if EnkiModelApp.check_secret( user_id, auth_token, app_secret ):
					token_valid = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token )
					if token_valid:   # user is valid
						data_store_item = EnkiModelRestAPIDataStore.get_by_user_id_app_id_data_type_data_id_not_expired( user_id, token_valid.app_id, data_type, data_id )
						if data_store_item:
							answer.update({ 'data_payload' : data_store_item.data_payload, 'time_expires' : enki.libutil.seconds_from_epoch( data_store_item.time_expires ) , 'read_access' : data_store_item.read_access, 'server_time' : int( time.time())})
							success = True
							error = ''
						else:
							error = 'Not found'
					else:
						error = 'Unauthorised user'
				else:
					error = 'Unauthorised app'
		answer.update({ 'success' : success, 'error' : error })
		self.response.headers[ 'Content-Type' ] = 'application/json'
		self.response.write( json.dumps( answer, separators=(',',':') ))
コード例 #6
0
	def post( self ):
		jsonobject = json.loads( self.request.body )
		success = False
		error = 'Invalid request'
		answer = {}
		if jsonobject:
			user_id = int( jsonobject.get( 'user_id', ''))
			auth_token = jsonobject.get( 'auth_token', '')
			app_secret = jsonobject.get( 'app_secret', '')
			products = jsonobject.get( 'products', '')
			if user_id and auth_token and app_secret:
				if EnkiModelApp.check_secret( user_id, auth_token, app_secret ):
					if EnkiModelRestAPITokenVerify.exist_by_user_id_token( user_id, auth_token ):
						if products:   # check which products in the list are activated by the user and return them
							list_entities = EnkiModelProductKey.fetch_by_activator_products_list( user_id, products )
						else:    # no product specified, return all products activated by the user
							list_entities = EnkiModelProductKey.fetch_by_activator( user_id )
						if list_entities:
							list_products = []
							for i, item in enumerate( list_entities ):
								list_products.append( item.product_name )
							answer.update({ 'products_owned' : list_products })
							success = True
							error = ''
						else:
							error = 'Not found'
					else:
						error = 'Unauthorised user'
				else:
					error = 'Unauthorised app'
		answer.update({ 'success' : success, 'error' : error })
		self.response.headers[ 'Content-Type' ] = 'application/json'
		self.response.write( json.dumps( answer, separators=(',',':') ))
コード例 #7
0
def apps_list(user_id):
    list = []
    apps = EnkiModelApp.fetch_by_user_id(user_id)
    for app in apps:
        list.append(
            [app.name,
             str(app.key.id()), app.secret, app.time_created])
    return list
コード例 #8
0
ファイル: handlersaccount.py プロジェクト: fabriziou/enkiWS
    def get(self):
        if self.ensure_is_logged_in():
            extended = True if self.request.get(
                'extended') == 'True' else False

            data = collections.namedtuple(
                'data',
                'current_display_name, previous_display_names, friends, messages, sessions, sessions_app, apps'
            )

            current_display_name = ''
            previous_display_names = ''
            user_display_name = enki.libdisplayname.get_EnkiUserDisplayName_by_user_id_current(
                self.user_id)
            if user_display_name:
                current_display_name = enki.libdisplayname.get_user_id_display_name_url(
                    user_display_name)
                previous_display_names = enki.libdisplayname.get_user_display_name_old(
                    self.user_id)

            sessions = []
            current_token = self.session.get('auth_token')
            auth_tokens = enki.libuser.fetch_AuthTokens(self.user_id)
            for item in auth_tokens:
                current = False
                if current_token == item.token:
                    current = True
                sessions.append({
                    'tokenauth_id': item.key.id(),
                    'time_created': item.time_created,
                    'current': current
                })

            sessions_app = []
            list = EnkiModelRestAPITokenVerify.fetch_by_user_id_type(
                user_id=self.user_id, type='apiconnect')
            for item in list:
                sessions_app.append({
                    'token_id': item.key.id(),
                    'time_created': item.time_created
                })

            friends = 0
            messages = 0
            apps = 0
            if not extended:
                friends = enki.libfriends.count_EnkiFriends(self.user_id)
                messages = enki.libmessage.count_EnkiMessage_by_recipient(
                    self.user_id)
                apps = EnkiModelApp.count_by_user_id(self.user_id)

            data = data(current_display_name, previous_display_names, friends,
                        messages, sessions, sessions_app, apps)
            self.render_tmpl('profile.html',
                             active_menu='profile',
                             extended=extended,
                             data=data)
コード例 #9
0
ファイル: librestapi.py プロジェクト: juliettef/enkiWS
def user_data_list( user_id ):
	list = []
	data_stores = fetch_EnkiModelRestAPIDataStore_by_user_id( user_id )
	for data_store in data_stores:
		app_name = ''
		app = EnkiModelApp.get_by_id( int( data_store.app_id ))
		if app:
			app_name = app.name
		list.append([ data_store.app_id, app_name, data_store.data_type, data_store.data_id, data_store.data_payload, data_store.read_access, data_store.time_expires ])
	return list
コード例 #10
0
def user_data_list(user_id):
    list = []
    data_stores = fetch_EnkiModelRestAPIDataStore_by_user_id(user_id)
    for data_store in data_stores:
        app_name = ''
        app = EnkiModelApp.get_by_id(int(data_store.app_id))
        if app:
            app_name = app.name
        list.append([
            data_store.app_id, app_name, data_store.data_type,
            data_store.data_id, data_store.data_payload,
            data_store.read_access, data_store.time_expires
        ])
    return list
コード例 #11
0
ファイル: librestapi.py プロジェクト: juliettef/enkiWS
def check_secret( user_id, auth_token, app_secret ):
	if EnkiModelRestAPITokenVerify.exist_by_user_id_token_app_secret( user_id, auth_token, app_secret ):
		# the user verify token contains the same secret as was sent in the request
		return True
	else:
		# retrieve the app_id from the verify token and check if the corresponding registered app has a new secret
		token_verify = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token )
		if token_verify:
			app = EnkiModelApp.get_by_id( int( token_verify.app_id ))
			if app and app.secret == app_secret:
				# update the user's verify token app_secret
				token_verify.app_secret = app.secret
				token_verify.put()
				return True
	return False
コード例 #12
0
	def post( self ):
		jsonobject = json.loads( self.request.body )
		success = False
		error = 'Invalid request'
		answer = {}
		if jsonobject:
			user_id = int( jsonobject.get( 'user_id', ''))
			auth_token = jsonobject.get( 'auth_token', '')
			app_secret = jsonobject.get( 'app_secret', '')
			data_type = jsonobject.get( 'data_type', '')
			data_id = jsonobject.get( 'data_id', '')
			data_payload = jsonobject.get( 'data_payload' )
			# set the expiry time
			time_to_expiry = int(jsonobject.get( 'time_expires', EnkiModelRestAPIDataStore.DATASTORE_EXPIRY_DEFAULT ))  # default lifetime if unspecified
			if time_to_expiry == 0: # non-expiring lifetime
				time_to_expiry = EnkiModelRestAPIDataStore.DATASTORE_NON_EXPIRING
			time_expires = datetime.datetime.now() + datetime.timedelta( seconds = time_to_expiry )
			read_access = jsonobject.get( 'read_access', '' )
			if user_id and auth_token and app_secret and data_type and data_id and data_payload and time_expires:
				if EnkiModelApp.check_secret( user_id, auth_token, app_secret ):
					token_valid = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token )
					if token_valid:   # user is valid
						# add optional calculated properties to the data payload
						if 'calc_ip_addr' in data_payload:    # IP address of the request
							remote_address = self.request.remote_addr
							data_payload.update({ 'calc_ip_addr' : remote_address })
						data_store = EnkiModelRestAPIDataStore.get_by_user_id_app_id_data_type_data_id( user_id, token_valid.app_id, data_type, data_id )
						if data_store:  # update
							data_store.data_payload = data_payload
							data_store.time_expires = time_expires  # update the expiry time
							if read_access: # if read_access is not specified, don't update it
								data_store.read_access = read_access
						else:   # create new
							if not read_access: # if read_access is not specified, use the default value defined in the model
								data_store = EnkiModelRestAPIDataStore( user_id = user_id, app_id = token_valid.app_id, data_type = data_type, data_id = data_id, data_payload = data_payload, time_expires = time_expires )
							else:
								data_store = EnkiModelRestAPIDataStore( user_id = user_id, app_id = token_valid.app_id, data_type = data_type, data_id = data_id, data_payload = data_payload, time_expires = time_expires, read_access = read_access )
						data_store.put()
						success = True
						error = ''
					else:
						error = 'Unauthorised user'
				else:
					error = 'Unauthorised app'
		answer.update({ 'success' : success, 'error' : error })
		self.response.headers[ 'Content-Type' ] = 'application/json'
		self.response.write( json.dumps( answer, separators=(',',':') ))
コード例 #13
0
def check_secret(user_id, auth_token, app_secret):
    if EnkiModelRestAPITokenVerify.exist_by_user_id_token_app_secret(
            user_id, auth_token, app_secret):
        # the user verify token contains the same secret as was sent in the request
        return True
    else:
        # retrieve the app_id from the verify token and check if the corresponding registered app has a new secret
        token_verify = EnkiModelRestAPITokenVerify.get_by_user_id_token(
            user_id, auth_token)
        if token_verify:
            app = EnkiModelApp.get_by_id(int(token_verify.app_id))
            if app and app.secret == app_secret:
                # update the user's verify token app_secret
                token_verify.app_secret = app.secret
                token_verify.put()
                return True
    return False
コード例 #14
0
ファイル: handlersrestapi.py プロジェクト: fabriziou/enkiWS
 def post_reauthenticated(self, params):
     app_secret_set = params.get('app_secret_set')
     app_name = params.get('app_name')
     error_message = ''
     data = []
     app_success = ''
     if app_secret_set:
         secret = enki.librestapi.generate_auth_token()
         app = EnkiModelApp.get_by_id(int(app_secret_set))
         app.secret = secret
         app.put()
         self.add_infomessage('success', MSG.SUCCESS(),
                              MSG.NEW_SECRET_GENERATED())
         app_success = str(app.key.id())
         data = enki.librestapi.apps_list(self.user_id)
     else:
         data = enki.librestapi.apps_list(self.user_id)
         if not app_name:
             error_message = MSG.NAME_NEEDED()
         elif (len(app_name) > enki.librestapi.APP_MAX_NAME_LENGTH):
             error_message = MSG.APP_NAME_TOO_LONG(
                 str(enki.librestapi.APP_MAX_NAME_LENGTH))
         elif EnkiModelApp.exist_by_name(app_name):
             error_message = MSG.APP_NAME_ALREADY_EXISTS()
         elif (EnkiModelApp.count_by_user_id(self.user_id) >=
               enki.librestapi.APP_MAX):
             error_message = MSG.APP_EXCEED_ALLOWED()
         else:
             secret = enki.librestapi.generate_auth_token()
             app = EnkiModelApp(user_id=self.user_id,
                                name=app_name,
                                secret=secret)
             app.put()
             data.append(
                 [app_name,
                  str(app.key.id()), secret, app.time_created])
             self.add_infomessage('success', MSG.SUCCESS(),
                                  MSG.APP_CREATED())
             app_success = str(app.key.id())
     self.render_tmpl(
         'apps.html',
         active_menu='profile',
         error=error_message,
         data=data,
         app_success=app_success,
         app_max=enki.librestapi.APP_MAX,
         app_max_name_length=enki.librestapi.APP_MAX_NAME_LENGTH,
     )
コード例 #15
0
	def post( self ):
		jsonobject = json.loads( self.request.body )
		success = False
		error = 'Invalid request'
		answer = {}
		if jsonobject:
			user_id = int( jsonobject.get( 'user_id', '' ))
			auth_token = jsonobject.get( 'auth_token', '' )
			app_secret = jsonobject.get( 'app_secret', '')
			data_type = jsonobject.get( 'data_type', '' )
			read_access = jsonobject.get( 'read_access', '' )
			if user_id and auth_token and app_secret and data_type and ( read_access == 'public' or read_access == 'private' or read_access == 'friends' ):
				if EnkiModelApp.check_secret( user_id, auth_token, app_secret ):
					token_valid = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token )
					if token_valid:   # user is valid
						error = 'Not found'
						data_store_list = []
						if read_access == 'public':   # returns all data with read-access "public"
							data_store_list = EnkiModelRestAPIDataStore.fetch_by_app_id_data_type_read_access_not_expired( token_valid.app_id, data_type, read_access )
						else:
							people_list = []
							if read_access == 'private':    # returns all user's data with read-access "private"
								people_list = [ user_id ]
							elif read_access == 'friends':    # returns list of user's friends' data with friends' read_access "friends"
								people_list = EnkiModelFriends.get_friends_user_id( user_id )    # get the user's friends' ids
							if people_list:
								for person_id in people_list:   # get each persons' data
									data_store_list = EnkiModelRestAPIDataStore.fetch_by_user_id_app_id_data_type_read_access_not_expired( person_id, token_valid.app_id, data_type, read_access )
						if data_store_list:
							data_payloads = []
							for data_store_item in data_store_list:
								data_payloads.append({ 'user_id' : str( data_store_item.user_id ), 'data_id' : data_store_item.data_id, 'data_payload' : data_store_item.data_payload, 'time_expires' : enki.libutil.seconds_from_epoch( data_store_item.time_expires )})
							if data_payloads:
								answer.update({ 'data_payloads' : data_payloads, 'server_time' : int( time.time())})
								success = True
								error = ''
					else:
						error = 'Unauthorised user'
				else:
					error = 'Unauthorised app'
		answer.update({ 'success' : success, 'error' : error })
		self.response.headers[ 'Content-Type' ] = 'application/json'
		self.response.write( json.dumps( answer, separators=(',',':') ))
コード例 #16
0
ファイル: handlersaccount.py プロジェクト: juliettef/enkiWS
	def get( self ):
		if self.ensure_is_logged_in():
			extended = True if self.request.get( 'extended' ) == 'True' else False

			data = collections.namedtuple( 'data', 'current_display_name, previous_display_names, friends, messages, sessions, sessions_app, apps' )

			current_display_name = ''
			previous_display_names = ''
			user_display_name = enki.libdisplayname.get_EnkiUserDisplayName_by_user_id_current( self.user_id )
			if user_display_name:
				current_display_name = enki.libdisplayname.get_user_id_display_name_url( user_display_name )
				previous_display_names = enki.libdisplayname.get_user_display_name_old( self.user_id )

			sessions = []
			current_token = self.session.get( 'auth_token' )
			auth_tokens = enki.libuser.fetch_AuthTokens( self.user_id )
			for item in auth_tokens:
				current = False
				if current_token == item.token:
					current = True
				sessions.append({ 'tokenauth_id' : item.key.id(), 'time_created' : item.time_created, 'current' : current })

			sessions_app = []
			list = EnkiModelRestAPITokenVerify.fetch_by_user_id_type( user_id = self.user_id, type = 'apiconnect' )
			for item in list:
				sessions_app.append({ 'token_id' : item.key.id(), 'time_created' : item.time_created })

			friends = 0
			messages = 0
			apps = 0
			if not extended:
				friends = enki.libfriends.count_EnkiFriends( self.user_id )
				messages = enki.libmessage.count_EnkiMessage_by_recipient( self.user_id )
				apps = EnkiModelApp.count_by_user_id( self.user_id )

			data = data( current_display_name, previous_display_names, friends, messages, sessions, sessions_app, apps )
			self.render_tmpl( 'profile.html',
			                  active_menu = 'profile',
			                  extended = extended,
			                  data = data )
コード例 #17
0
	def get_logged_in( self ):
		self.render_tmpl( 'apps.html',
					  active_menu = 'profile',
					  data = EnkiModelApp.apps_list( self.user_id ),
					  app_max = EnkiModelApp.APP_MAX,
					  app_max_name_length = EnkiModelApp.APP_MAX_NAME_LENGTH, )
コード例 #18
0
	def get_logged_in( self ):
		data_list = EnkiModelApp.user_data_list( self.user_id )
		self.render_tmpl( 'appdatastores.html',
		                  active_menu = 'profile',
		                  data = data_list,
		                  apps_list = EnkiModelApp.user_apps_list( data_list ), )
コード例 #19
0
ファイル: librestapi.py プロジェクト: juliettef/enkiWS
def apps_list( user_id ):
	list = []
	apps = EnkiModelApp.fetch_by_user_id( user_id )
	for app in apps:
		list.append([ app.name, str( app.key.id()), app.secret, app.time_created ])
	return list